F-Secure: Android accounted for 97% of all mobile malware in 2013, but only 0.1% of those were on Google Play

Back in 2012, Android accounted for 79 percent of all mobile malware. Last year, that number ballooned even further to 97 percent.

Both those data points come from security firm F-Secure, which today released its 40-page Threat Report for the second half of 2013. Here is how bad the situation has become:

More specifically, Android malware rose from 238 threats in 2012 to 804 new families and variants in 2013. Apart from Symbian, F-Secure found no new threats for other mobile platforms last year.

That being said, it’s worth examining what this means to the average Android users. Here are two points F-Secure underlined:

Android threats are primarily a non-US problem — Of the top 10 countries reporting Android malware detections to F-Secure’s systems in the second half of 2013, 75 percent of the reports originated from Saudi Arabia and India; in comparison, the five European countries in the list combined only accounted for a little over 15 percent of reported detections.

Despite the extreme focus of malware authors on the Android platform, F-Secure believes it would be incorrect to say that “Google hasn’t been actively making efforts to increase the security of the Android platform.”

You can see the first point broken down by country below. Aside from Saudi Arabia and India, the US and Finland were the next big targets with 5 percent of reports coming from each, followed by many more European countries.

The second point is worth expanding on. We already know that third-party app stores are the most likely sources of mobile malware. How dire is the situation? F-Secure did the following to try and answer the quesiton:

To roughly gauge how exposed a user would be to malware when browsing these markets, we counted the number of malware found in the samples we received originating from the store and compared that to the total number of samples from the same source. We counted only unique, discrete samples, so multiple samples of a unique malware were only counted once.

For the top four stores (Anzhi, Mumayi, Baidu and eoeMarket), which all cater to the mainland Chinese user population that has restricted access to Google Play, less than 10 percent of the samples were identified as malicious. That’s still a worrying figure, but of all the markets, the one with the highest percentage of malware was Android159, with 33.3 percent of samples classified as malware.

At the very bottom of the list was Google Play itself, with the lowest percentage of malware in the gathered samples: 0.1 percent. F-Secure also noted that “the Play Store is most likely to promptly remove nefarious applications, so malware encountered there tends to have a short shelf life.”

While that’s great news for most Android users, it means Google needs to work on bringing the Play Store to more and more markets and doing the best it can to ensure more Android devices are certified to use it. The company should do so not just because it gets a cut from app sales, but because it will make life harder for Android malware writers.